Azure DevOps Personal Access Token

Description

General

• Documentation: https://docs.microsoft.com/en-us/azure/devops/cli/log-in-via-pat?view=azure-devops&tabs=windows

• Summary: Azure is a cloud computing service created by Microsoft. The Azure DevOps personal access tokens are used to authenticate with the command line interface. This detector finds these secrets.

• IPs allowlist: See API Management policies.

• Scopes: Keys are specific to an API.

Revoke the secret

Keys can be rotated from Azure portal, PowerShell and Azure CLI.

Check for suspicious activity

Azure gives access to detailed logs, see Azure platform logs.

Details for Azure devops personal access token

• Family: Api

• Category: Cloud Provider

• Company: Microsoft

• High recall: False

• Validity check available: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 7.92

• Prefixed: False

• PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^pkl$  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: true  ban_markup: true- type: ContentWhitelistPreValidator  patterns:  - azure

Examples

- text: AZURE_TOKEN=sbkaosrekhbkmrthrkceu53534sbrgb5t34h5b3h45b3r4asnbua  apikey: sbkaosrekhbkmrthrkceu53534sbrgb5t34h5b3h45b3r4asnbua